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DETAILED ACTION 
Response to Arguments 

1 . Applicant's arguments witli respect to tine claims have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

2. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

3. Claims 1 -5, 1 2, 1 3, 1 5, 1 6, 1 9-22, 26-30, 33, 34, 37, 41 -43, 47-49 are rejected 
under 35 U.S.C. 103(a) as being unpatentable over BJELLAND et a! (US 2002/0034935 
A1 ) in view of the applicant's description of the prior art (hereinafter ADPA), ALBERT et 
al (US 2003/0056096 A1), and FORSLOW (US 2003/0039237). 

Regarding claim 1, BJELLAND discloses a method (abstract), said method 
comprising: using an authentication message to signal a service selection information 
via a first network to an authentication server [RADIUS] of a second network, the 
service selection information indicating an access point (Figure 2, 3; paragraph 14, 15; 
mobile terminal request attachment to a network and context activation); and using said 
service selection information to connect to at least one service provided over said 
access point indicated by said service selection information (paragraph 15, 16; FDR 
context activation), wherein said service selection information comprises at least one 
access point name parameter (paragraph 16; APN indicating relevant GGSN), wherein 
said at least one access point parameter comprises an access point name (paragraph 
16), and wherein said at least one access point name parameter is transmitted in said 
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authentication message so that said access point name can be read by an access 
server (paragraph 16; DNS server used to read APN). However, BJELLAND does not 
expressly disclose wherein an access point parameter comprises a username and a 
password, and wherein the user name and password can only be decrypted at a 
network defined by the access point name. ADPA discloses wherein service selection 
information comprises at least one access point name parameter, wherein said at least 
one access point parameter comprises an access point name, a username and a 
password, and wherein said at least one access point name parameter is transmitted in 
said authentication message so that said access point name can be read by an access 
server, and the user name and password can only be read at a network defined by the 
access point name (paragraph 6 of the background of the invention). Therefore it would 
have been obvious to a person of ordinary skill in the art at the time the invention was 
made to modify BJELLAND to include the teachings of ADPA, since ADPA states that 
such techniques were known and standard in the art (according to 3GPP TS 23.060) 
and therefore could be used to provide standardized protocol techniques to the existing 
invention. However, the combination of BJELLAND and ADPA does not expressly 
disclose the encryption and decryption of transmitted data. ALBERT discloses 
encryption and decryption of transmitted data (paragraph 15-22, 64). Therefore it would 
have been obvious to a person of ordinary skill in the art at the time the invention was 
made to modify the combination of BJELLAND and ADPA to include the teachings of 
ALBERT, since ALBERT states that such a modification would allow a system to 
implement greater security measures when transmitting data (see paragraph 2, 64). 
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Furthermore, the encryption and decryption of data along any two points of a network 
would increase data security between the two points. However, the combination of 
BJELLAND, ADPA, and ALBERT does not expressly disclose wherein the first and 
second networks are distinct; and selecting using the authentication server, a gateway 
in the second network to connect to the first network (BJELLAND discloses a RADIUS 
server within the GGSN of the network). In the same field of endeavor, FORSLOW 
discloses wherein the first 25 and second networks 20 are distinct (Figure 1 ; packet 
data network and local area network); and selecting using the authentication server, a 
gateway in the second network to connect to the first network (paragraph 94, 98; 
authentication at the RADIUS server located within the ISP network and when 
authenticated, includes tunneling configuration information to the GGSN). Therefore it 
would have been obvious to a person of ordinary skill in the art at the time the invention 
was made to modify the combination of BJELLAND, ADPA, and ALBERT to include the 
teachings of FORSLOW, since such a modification provides authentication means from 
an external network that provides security access based on a known identification 
and/or password predefined at the external network (see paragraph 94). 

Regarding claim 2, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said first network is a wireless local area 
network (ADPA - paragraph 4, 5; ALBERT - paragraph 3). Furthermore, see the 
motivation provide in the parent claim regarding combination of the references. 
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Regarding claim 3, see tine rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said second network is a cellular packet- 
switched network (BJELLAND - abstract; GPRS network; ADPA - paragraph 5, 6). 
Furthermore, see the motivation provide in the parent claim regarding combination of 
the references. 

Regarding claim 4, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said cellular packet-switched network is a 
GPRS network (BJELLAND - abstract; GPRS network; ADPA - paragraph 5, 6). 
Furthermore, see the motivation provide in the parent claim regarding combination of 
the references. 

Regarding claim 5, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said authentication message is an EAP 
message (ALBERT - paragraph 13, 57, 61). Furthermore, see the motivation provide in 
the parent claim regarding combination of the references. 

Regarding claim 12, BJELLAND discloses an apparatus (abstract), comprising: a 
processor to extract from a received authentication message a service selection 
information to select a service (Figure 2, 3; paragraph 14, 15; mobile terminal request 
attachment to a network and context activation. It is noted that a processor and 
computing means would be inherently necessary for data extraction and processing). 
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wherein the processor is configured to use said service selection information to 
establish a connection to services provided over an access point indicated by said 
service selection information (paragraph 15, 16; PDP context activation), wherein said 
service selection information comprises at least one access point name parameter 
(paragraph 16; APN Indicating relevant GGSN), wherein said at least one access point 
parameter comprises an access point name (paragraph 16), and wherein said at least 
one access point name parameter is transmitted in said authentication message so that 
said access point name can be read by an access server (paragraph 16; DNS server 
used to read APN). However, BJELLAND does not expressly disclose wherein an 
access point parameter comprises a username and a password, and wherein the user 
name and password can only be decrypted at a network defined by the access point 
name. ADPA discloses wherein service selection information comprises at least one 
access point name parameter, wherein said at least one access point parameter 
comprises an access point name, a username and a password, and wherein said at 
least one access point name parameter is transmitted in said authentication message 
so that said access point name can be read by an access server, and the user name 
and password can only be read at a network defined by the access point name 
(paragraph 6 of the background of the invention). Therefore It would have been obvious 
to a person of ordinary skill in the art at the time the invention was made to modify 
BJELLAND to include the teachings of ADPA, since ADPA states that such techniques 
were known and standard in the art (according to 3GPP TS 23.060) and therefore could 
be used to provide standardized protocol techniques to the existing invention. However, 
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the combination of BJELLAND and ADPA does not expressly disclose the encryption 
and decryption of transmitted data. ALBERT discloses encryption and decryption of 
transmitted data (paragraph 15-22, 64). Therefore it would have been obvious to a 
person of ordinary skill in the art at the time the invention was made to modify the 
combination of BJELLAND and ADPA to include the teachings of ALBERT, since 
ALBERT states that such a modification would allow a system to implement greater 
security measures when transmitting data (see paragraph 2, 64). Furthermore, the 
encryption and decryption of data along any two points of a network would increase 
data security between the two points. However, the combination of BJELLAND, ADPA, 
and ALBERT does not expressly disclose wherein the first and second networks are 
distinct; and selecting using a gateway in the second network to connect to the first 
network (BJELLAND discloses a RADIUS server within the GGSN of the network). In 
the same field of endeavor, FORSLOW discloses wherein the first 25 and second 
networks 20 are distinct (Figure 1; packet data network and local area network); and 
selecting using the authentication server, a gateway in the second network to connect to 
the first network (paragraph 94, 98; authentication at the RADIUS server located within 
the ISP network and when authenticated, includes tunneling configuration information to 
the GGSN). Therefore it would have been obvious to a person of ordinary skill in the art 
at the time the invention was made to modify the combination of BJELLAND, ADPA, 
and ALBERT to include the teachings of FORSLOW, since such a modification provides 
authentication means from an external network that provides security access based on 
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a known identification and/or password predefined at the external network (see 
paragrapli 94). 

Regarding claim 13, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said authentication message is an EAR 
message (ALBERT - paragraph 13, 57, 61). Furthermore, see the motivation provide in 
the parent claim regarding combination of the references. 

Regarding claim 15, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said authentication server is a standalone 
WLAN authentication server (ALBERT - paragraph 55, 58). Furthermore, see the 
motivation provide in the parent claim regarding combination of the references. 

Regarding claim 16, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said processor is a GPRS node (BJELLAND 
- abstract; GPRS network; ADPA - paragraph 5, 6). Furthermore, see the motivation 
provide in the parent claim regarding combination of the references. 

Regarding claim 19, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA further 
discloses wherein at least one of said APN parameters is decrypted in said 
authentication server (ALBERT - paragraph 15-22, 64; furthermore, see independent 
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claim regarding transmission and reception of data). Furthermore, see the motivation 
provide in the parent claim regarding combination of the references. 

Regarding claim 20, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein at least one of said APN parameter is 
foHA/arded by the authentication server to said access point in an encrypted manner 
(ALBERT - paragraph 15-22, 64; furthermore, see independent claim regarding 
transmission and reception of data). Furthermore, see the motivation provide in the 
parent claim regarding combination of the references. 

Regarding claim 21, BJELLAND discloses a apparatus (abstract), comprising: a 
processor configured to set in an authentication message a service selection 
information regarding selection of a network service (paragraph 15, 16; PDP context 
activation. It is noted that a processor and computing means would be inherently 
necessary for data extraction and processing), wherein said service selection 
information comprises at least one access point name parameter (paragraph 16; APN 
indicating relevant GGSN), wherein said at least one access point parameter comprises 
an access point name (paragraph 16), and wherein said at least one access point name 
parameter is transmitted in said authentication message so that said access point name 
can be read by an access server (paragraph 16; DNS server used to read APN). 
However, BJELLAND does not expressly disclose wherein an access point parameter 
comprises a username and a password, and wherein the user name and password can 
only be decrypted at a network defined by the access point name. ADPA discloses 
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wherein service selection information comprises at least one access point name 
parameter, wherein said at least one access point parameter comprises an access point 
name, a username and a password, and wherein said at least one access point name 
parameter is transmitted in said authentication message so that said access point name 
can be read by an access server, and the user name and password can only be read at 
a network defined by the access point name (paragraph 6 of the background of the 
invention). Therefore it would have been obvious to a person of ordinary skill in the art 
at the time the invention was made to modify BJELLAND to include the teachings of 
ADPA, since ADPA states that such techniques were known and standard in the art 
(according to 3GPP TS 23.060) and therefore could be used to provide standardized 
protocol techniques to the existing invention. However, the combination of BJELLAND 
and ADPA does not expressly disclose the encryption and decryption of transmitted 
data. ALBERT discloses encryption and decryption of transmitted data (paragraph 15- 
22, 64). Therefore it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to modify the combination of BJELLAND and ADPA to 
include the teachings of ALBERT, since ALBERT states that such a modification would 
allow a system to implement greater security measures when transmitting data (see 
paragraph 2, 64). Furthermore, the encryption and decryption of data along any two 
points of a network would increase data security between the two points. However, the 
combination of BJELLAND, ADPA, and ALBERT does not expressly disclose wherein 
the first and second networks are distinct; and wherein the access server is configured 
to select a gateway in the second network to connect to the first network (BJELLAND 
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discloses a RADIUS server within the GGSN of the network). In the same field of 
endeavor, FORSLOW discloses wherein the first 25 and second networks 20 are 
distinct (Figure 1; packet data network and local area network); and wherein the access 
server is configured to select a gateway in the second network to connect to the first 
network (paragraph 94, 98; authentication at the RADIUS server located within the ISP 
network and when authenticated, includes tunneling configuration information to the 
GGSN). Therefore it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to modify the combination of BJELLAND, ADPA, and 
ALBERT to include the teachings of FORSLOW, since such a modification provides 
authentication means from an external network that provides security access based on 
a known identification and/or password predefined at the external network (see 
paragraph 94). 

Regarding claim 22, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said authentication message is an EAP 
message (ALBERT - paragraph 13, 57, 61). Furthermore, see the motivation provide in 
the parent claim regarding combination of the references. 

Regarding claim 26, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. BJELLAND further discloses wherein said service 
is a general packet radio service (abstract; paragraph 14-16). 

Regarding claim 27, BJELLAND discloses a system [Figures 1-3] for providing 
access from a first network [home network] to a service of a second network [external 
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network], said system comprising: a terminal device connected to a first network 
configured to provide access to a network service, said terminal device configured to set 
in an authentication message a service selection information regarding selection of said 
network service (Figure 2, 3; paragraph 14, 15; mobile terminal request attachment to a 
network and context activation); and an authentication server device [RADIUS server] 
connected to a second network, said authentication server device configured for 
providing an authentication mechanism, said authentication server device configured to 
extract from a received authentication message said service selection information to 
select said service, and to use said service selection information to establish a 
connection to services provided over an access point indicated by said service selection 
information (paragraph 15, 16; PDP context activation), wherein said service selection 
information comprises at least one access point name parameter (paragraph 16; APN 
indicating relevant GGSN), wherein said at least one access point parameter comprises 
an access point name (paragraph 16), and wherein said at least one access point name 
parameter is transmitted in said authentication message so that said access point name 
can be read by an access server (paragraph 16; DNS server used to read APN). 
However, BJELLAND does not expressly disclose wherein an access point parameter 
comprises a username and a password, and wherein the user name and password can 
only be decrypted at a network defined by the access point name. ADPA discloses 
wherein service selection information comprises at least one access point name 
parameter, wherein said at least one access point parameter comprises an access point 
name, a username and a password, and wherein said at least one access point name 
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parameter is transmitted in said authentication message so that said access point name 
can be read by an access server, and the user name and password can only be read at 
a network defined by the access point name (paragraph 6 of the background of the 
invention). Therefore it would have been obvious to a person of ordinary skill in the art 
at the time the Invention was made to modify BJELLAND to include the teachings of 
ADPA, since ADPA states that such techniques were known and standard in the art 
(according to 3GPP TS 23.060) and therefore could be used to provide standardized 
protocol techniques to the existing invention. However, the combination of BJELLAND 
and ADPA does not expressly disclose the encryption and decryption of transmitted 
data. ALBERT discloses encryption and decryption of transmitted data (paragraph 15- 
22, 64). Therefore it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to modify the combination of BJELLAND and ADPA to 
Include the teachings of ALBERT, since ALBERT states that such a modification would 
allow a system to Implement greater security measures when transmitting data (see 
paragraph 2, 64). Furthermore, the encryption and decryption of data along any two 
points of a network would increase data security between the two points. However, the 
combination of BJELLAND, ADPA, and ALBERT does not expressly disclose wherein 
the first and second networks are distinct; and selecting using the authentication server, 
a gateway In the second network to connect to the first network (BJELLAND discloses a 
RADIUS server within the GGSN of the network). In the same field of endeavor, 
FORSLOW discloses wherein the first 25 and second networks 20 are distinct (Figure 1 ; 
packet data network and local area network); and selecting using the authentication 
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server, a gateway in tlie second networl^ to connect to tine first network (paragraph 94, 
98; authentication at the RADIUS server located within the ISP network and when 
authenticated, includes tunneling configuration information to the GGSN). Therefore it 
would have been obvious to a person of ordinary skill in the art at the time the invention 
was made to modify the combination of BJELLAND, ADPA, and ALBERT to include the 
teachings of FORSLOW, since such a modification provides authentication means from 
an external network that provides security access based on a known identification 
and/or password predefined at the external network (see paragraph 94). 

Regarding claim 28, BJELLAND discloses a method comprising: extracting, by a 
processor coupled to a second network, from a received authentication message 
received via a first network a service selection information to select a service (Figure 2, 
3; paragraph 14, 15; mobile terminal request attachment to a network and context 
activation. It is noted that a processor and computing means is inherently necessary for 
data extraction and processing); and b) using, by a processor coupled to the second 
network, said service selection information to establish a connection to services 
provided over an access point indicated by said service selection information 
(paragraph 15, 16; PDP context activation), wherein said service selection information 
comprises at least one access point name parameter (paragraph 16; APN indicating 
relevant GGSN), wherein said at least one access point parameter comprises an 
access point name (paragraph 1 6), and wherein said at least one access point name 
parameter is transmitted in said authentication message so that said access point name 
can be read by an access server (paragraph 16; DNS server used to read APN). 
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However, BJELLAND does not expressly disclose wherein an access point parameter 
comprises a username and a password, and wherein the user name and password can 
only be decrypted at a network defined by the access point name. ADPA discloses 
wherein service selection information comprises at least one access point name 
parameter, wherein said at least one access point parameter comprises an access point 
name, a username and a password, and wherein said at least one access point name 
parameter is transmitted in said authentication message so that said access point name 
can be read by an access server, and the user name and password can only be read at 
a network defined by the access point name (paragraph 6 of the background of the 
invention). Therefore it would have been obvious to a person of ordinary skill in the art 
at the time the invention was made to modify BJELLAND to include the teachings of 
ADPA, since ADPA states that such techniques were known and standard in the art 
(according to 3GPP TS 23.060) and therefore could be used to provide standardized 
protocol techniques to the existing invention. However, the combination of BJELLAND 
and ADPA does not expressly disclose the encryption and decryption of transmitted 
data. ALBERT discloses encryption and decryption of transmitted data (paragraph 15- 
22, 64). Therefore it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to modify the combination of BJELLAND and ADPA to 
include the teachings of ALBERT, since ALBERT states that such a modification would 
allow a system to implement greater security measures when transmitting data (see 
paragraph 2, 64). Furthermore, the encryption and decryption of data along any two 
points of a network would increase data security between the two points. However, the 
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combination of BJELLAND, ADPA, and ALBERT does not expressly disclose wherein 
the first and second networks are distinct; and selecting using the processor coupled to 
the second network, a gateway in the second network to connect to the first network 
(BJELLAND discloses a RADIUS server within the GGSN of the network). In the same 
field of endeavor, FORSLOW discloses wherein the first 25 and second networks 20 are 
distinct (Figure 1; packet data network and local area network); and selecting using a 
processor coupled to the second network, a gateway in the second network to connect 
to the first network (paragraph 94, 98; authentication at the RADIUS server located 
within the ISP network and when authenticated, includes tunneling configuration 
information to the GGSN). Therefore it would have been obvious to a person of 
ordinary skill in the art at the time the invention was made to modify the combination of 
BJELLAND, ADPA, and ALBERT to include the teachings of FORSLOW, since such a 
modification provides authentication means from an external network that provides 
security access based on a known identification and/or password predefined at the 
external network (see paragraph 94). 

Regarding claim 29, BJELLAND discloses a method comprising: setting in an 
authentication message sent from a first network to a second network a service 
selection information regarding selection of a network service at a terminal device 
(Figure 2, 3; paragraph 14, 15; mobile terminal request attachment to a network and 
context activation. It is noted that a processor and computing means is inherently 
necessary for data extraction and processing), wherein said at least one access point 
parameter comprises an access point name (paragraph 16), and wherein said at least 
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one access point name parameter is transmitted in said authentication message so tliat 
said access point name can be read by an access server (paragrapli 16; DNS server 
used to read APN). However, BJELLAND does not expressly disclose wherein an 
access point parameter comprises a username and a password, and wherein the user 
name and password can only be decrypted at a network defined by the access point 
name. ADPA discloses wherein service selection information comprises at least one 
access point name parameter, wherein said at least one access point parameter 
comprises an access point name, a username and a password, and wherein said at 
least one access point name parameter is transmitted in said authentication message 
so that said access point name can be read by an access server, and the user name 
and password can only be read at a network defined by the access point name 
(paragraph 6 of the background of the invention). Therefore it would have been obvious 
to a person of ordinary skill in the art at the time the invention was made to modify 
BJELLAND to include the teachings of ADPA, since ADPA states that such techniques 
were known and standard in the art (according to 3GPP TS 23.060) and therefore could 
be used to provide standardized protocol techniques to the existing invention. However, 
the combination of BJELLAND and ADPA does not expressly disclose the encryption 
and decryption of transmitted data. ALBERT discloses encryption and decryption of 
transmitted data (paragraph 15-22, 64). Therefore it would have been obvious to a 
person of ordinary skill in the art at the time the invention was made to modify the 
combination of BJELLAND and ADPA to include the teachings of ALBERT, since 
ALBERT states that such a modification would allow a system to implement greater 
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security measures when transmitting data (see paragrapli 2, 64). Furthermore, the 
encryption and decryption of data along any two points of a network would increase 
data security between the two points. However, the combination of BJELLAND, ADPA, 
and ALBERT does not expressly disclose wherein the first and second networks are 
distinct; and selecting a gateway in the second network to connect to the first network 
(BJELLAND discloses a RADIUS server within the GGSN of the network). In the same 
field of endeavor, FORSLOW discloses wherein the first 25 and second networks 20 are 
distinct (Figure 1; packet data network and local area network); and selecting using the 
authentication server, a gateway in the second network to connect to the first network 
(paragraph 94, 98; authentication at the RADIUS server located within the ISP network 
and when authenticated, includes tunneling configuration information to the GGSN). 
Therefore it would have been obvious to a person of ordinary skill in the art at the time 
the invention was made to modify the combination of BJELLAND, ADPA, and ALBERT 
to include the teachings of FORSLOW, since such a modification provides 
authentication means from an external network that provides security access based on 
a known identification and/or password predefined at the external network (see 
paragraph 94). 

Regarding claim 30, BJELLAND discloses a computer-readable storage medium 
encoded with instructions configured to control a processor to perform a process 
(abstract; It is noted that a processor and computing means is inherently necessary for 
data extraction and processing), the process comprising: using an authentication 
message to signal a service selection information via a first network to an authentication 
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server [RADIUS] of a second network, the service selection information indicating an 
access point (Figure 2, 3; paragraph 14, 15; mobile terminal request attachment to a 
network and context activation); and using said service selection information to connect 
to at least one service provided over said access point indicated by said service 
selection information (paragraph 15, 16; PDP context activation), wherein said service 
selection information comprises at least one access point name parameter (paragraph 
16; APN indicating relevant GGSN), wherein said at least one access point parameter 
comprises an access point name (paragraph 16), and wherein said at least one access 
point name parameter is transmitted in said authentication message so that said access 
point name can be read by an access server (paragraph 16; DNS server used to read 
APN). However, BJELLAND does not expressly disclose wherein an access point 
parameter comprises a username and a password, and wherein the user name and 
password can only be decrypted at a network defined by the access point name. ADPA 
discloses wherein service selection information comprises at least one access point 
name parameter, wherein said at least one access point parameter comprises an 
access point name, a username and a password, and wherein said at least one access 
point name parameter is transmitted in said authentication message so that said access 
point name can be read by an access server, and the user name and password can 
only be read at a network defined by the access point name (paragraph 6 of the 
background of the invention). Therefore it would have been obvious to a person of 
ordinary skill in the art at the time the invention was made to modify BJELLAND to 
include the teachings of ADPA, since ADPA states that such techniques were known 
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and standard in the art (according to 3GPP TS 23.060) and therefore could be used to 
provide standardized protocol techniques to the existing invention. However, the 
combination of BJELLAND and ADPA does not expressly disclose the encryption and 
decryption of transmitted data. ALBERT discloses encryption and decryption of 
transmitted data (paragraph 15-22, 64). Therefore it would have been obvious to a 
person of ordinary skill in the art at the time the invention was made to modify the 
combination of BJELLAND and ADPA to include the teachings of ALBERT, since 
ALBERT states that such a modification would allow a system to implement greater 
security measures when transmitting data (see paragraph 2, 64). Furthermore, the 
encryption and decryption of data along any two points of a network would increase 
data security between the two points. However, the combination of BJELLAND, ADPA, 
and ALBERT does not expressly disclose wherein the first and second networks are 
distinct; and using the service selection information to select a gateway in the second 
network to connect to the first network (BJELLAND discloses a RADIUS server within 
the GGSN of the network). In the same field of endeavor, FORSLOW discloses 
wherein the first 25 and second networks 20 are distinct (Figure 1 ; packet data network 
and local area network); and using service selection information to select a gateway in 
the second network to connect to the first network (paragraph 94, 98; authentication at 
the RADIUS server located within the ISP network and when authenticated, includes 
tunneling configuration information to the GGSN). Therefore it would have been 
obvious to a person of ordinary skill in the art at the time the invention was made to 
modify the combination of BJELLAND, ADPA, and ALBERT to include the teachings of 
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FORSLOW, since such a modification provides authentication means from an external 
network that provides security access based on a known identification and/or password 
predefined at the external network (see paragraph 94). 

Regarding claim 33, BJELLAND discloses a computer-readable storage medium 
encoded with Instructions configured to control a processor to perform a process 
(abstract; it is noted that a processor and computing means would be inherently 
necessary to perform data extraction and processing), the process comprising: 
extracting from a received authentication message a service selection information to 
select a service (Figure 2, 3; paragraph 14, 15; mobile terminal request attachment to a 
network and context activation. It is noted that a processor and computing means 
would be inherently necessary for data extraction and processing), using said service 
selection information to establish a connection to services provided over an access 
point Indicated by said service selection Information (paragraph 15, 16; PDP context 
activation), wherein said service selection information comprises at least one access 
point name parameter (paragraph 16; APN indicating relevant GGSN), wherein said at 
least one access point parameter comprises an access point name (paragraph 16), and 
wherein said at least one access point name parameter Is transmitted In said 
authentication message so that said access point name can be read by an access 
server (paragraph 16; DNS server used to read APN). However, BJELLAND does not 
expressly disclose wherein an access point parameter comprises a username and a 
password, and wherein the user name and password can only be decrypted at a 
network defined by the access point name. ADPA discloses wherein service selection 
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information comprises at least one access point name parameter, wherein said at least 
one access point parameter comprises an access point name, a username and a 
password, and wherein said at least one access point name parameter is transmitted in 
said authentication message so that said access point name can be read by an access 
server, and the user name and password can only be read at a network defined by the 
access point name (paragraph 6 of the background of the invention). Therefore it would 
have been obvious to a person of ordinary skill in the art at the time the invention was 
made to modify BJELLAND to include the teachings of ADPA, since ADPA states that 
such techniques were known and standard in the art (according to 3GPP TS 23.060) 
and therefore could be used to provide standardized protocol techniques to the existing 
invention. However, the combination of BJELLAND and ADPA does not expressly 
disclose the encryption and decryption of transmitted data. ALBERT discloses 
encryption and decryption of transmitted data (paragraph 15-22, 64). Therefore it would 
have been obvious to a person of ordinary skill in the art at the time the invention was 
made to modify the combination of BJELLAND and ADPA to include the teachings of 
ALBERT, since ALBERT states that such a modification would allow a system to 
implement greater security measures when transmitting data (see paragraph 2, 64). 
Furthermore, the encryption and decryption of data along any two points of a network 
would increase data security between the two points. However, the combination of 
BJELLAND, ADPA, and ALBERT does not expressly disclose extracting, using a 
processor connected to a second network, from a received authentication message 
from a first network; selecting a gateway in the second network to connect to the first 
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network, wherein the first and second networks are distinct (BJELLAND discloses a 
RADIUS server within the GGSN of the network). In the same field of endeavor, 
FORSLOW discloses extracting, using a processor connected to a second network, 
from a received authentication message from a first network (paragraph 94, 98); 
selecting a gateway In the second network to connect to the first network, wherein the 
first and second networks are distinct (paragraph 94, 98; authentication at the RADIUS 
server located within the ISP network and when authenticated, includes tunneling 
configuration information to the GGSN). Therefore it would have been obvious to a 
person of ordinary skill in the art at the time the invention was made to modify the 
combination of BJELLAND, ADPA, and ALBERT to include the teachings of 
FORSLOW, since such a modification provides authentication means from an external 
network that provides security access based on a known identification and/or password 
predefined at the external network (see paragraph 94). 

Regarding claim 34, BJELLAND discloses a computer-readable storage medium 
encoded with instructions configured to control a processor to perform a process 
(abstract), the process comprising: setting in an authentication message a service 
selection information regarding selection of a network service (paragraph 15, 16; PDP 
context activation. It is noted that a processor and computing means would be 
inherently necessary for data extraction and processing), wherein said service selection 
information comprises at least one access point name parameter (paragraph 16; APN 
indicating relevant GGSN), wherein said at least one access point parameter comprises 
an access point name (paragraph 16), and wherein said at least one access point name 
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parameter is transmitted in said autlnentication message so that said access point name 
can be read by an access server (paragraph 16; DNS server used to read APN). 
However, BJELLAND does not expressly disclose wherein an access point parameter 
comprises a username and a password, and wherein the user name and password can 
only be decrypted at a network defined by the access point name. ADPA discloses 
wherein service selection information comprises at least one access point name 
parameter, wherein said at least one access point parameter comprises an access point 
name, a username and a password, and wherein said at least one access point name 
parameter is transmitted in said authentication message so that said access point name 
can be read by an access server, and the user name and password can only be read at 
a network defined by the access point name (paragraph 6 of the background of the 
invention). Therefore it would have been obvious to a person of ordinary skill in the art 
at the time the invention was made to modify BJELLAND to include the teachings of 
ADPA, since ADPA states that such techniques were known and standard in the art 
(according to 3GPP TS 23.060) and therefore could be used to provide standardized 
protocol techniques to the existing invention. However, the combination of BJELLAND 
and ADPA does not expressly disclose the encryption and decryption of transmitted 
data. ALBERT discloses encryption and decryption of transmitted data (paragraph 15- 
22, 64). Therefore it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to modify the combination of BJELLAND and ADPA to 
include the teachings of ALBERT, since ALBERT states that such a modification would 
allow a system to implement greater security measures when transmitting data (see 
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paragraph 2, 64). Furthermore, the encryption and decryption of data along any two 
points of a network would increase data security between the two points. However, the 
combination of BJELLAND, ADPA, and ALBERT does not expressly disclose sending 
the authentication message from via a first network to an authentication server coupled 
to a second network, wherein the first and second networks are distinct; and selecting a 
gateway In the second network to connect to the first network (BJELLAND discloses a 
RADIUS server within the GGSN of the network). In the same field of endeavor, 
FORSLOW discloses sending the authentication message from via a first network to an 
authentication server coupled to a second network, wherein the first and second 
networks are distinct; and selecting a gateway in the second network to connect to the 
first network (paragraph 94, 98; authentication at the RADIUS server located within the 
ISP network and when authenticated, includes tunneling configuration information to the 
GGSN). Therefore It would have been obvious to a person of ordinary skill In the art at 
the time the invention was made to modify the combination of BJELLAND, ADPA, and 
ALBERT to include the teachings of FORSLOW, since such a modification provides 
authentication means from an external network that provides security access based on 
a known identification and/or password predefined at the external network (see 
paragraph 94). 

Regarding claim 37, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said authentication message is an EAP 
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message (ALBERT - paragraph 13, 57, 61). Furthermore, see the motivation provide in 
the parent claim regarding combination of the references. 

Regarding claim 41, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein at least one of said APN parameters is 
decrypted in said authentication server (ALBERT - paragraph 15-22, 64; furthermore, 
see independent claim regarding transmission and reception of data). Furthermore, see 
the motivation provide in the parent claim regarding combination of the references. 

Regarding claim 42, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein at least one of said APN parameter is 
forwarded by the authentication server to said access point in an encrypted manner 
(ALBERT - paragraph 15-22, 64; furthermore, see independent claim regarding 
transmission and reception of data). Furthermore, see the motivation provide in the 
parent claim regarding combination of the references. 

Regarding claim 43, see the rejections of the parent claim concerning the subject 
matter this claim is dependent upon. The combination of BJELLAND, ADPA, ALBERT, 
and FORSLOW further discloses wherein said authentication message is an EAP 
message (ALBERT - paragraph 13, 57, 61). Furthermore, see the motivation provide in 
the parent claim regarding combination of the references. 
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Regarding claim 47, see tine rejections of the parent claim concerning the subject 
matter this claim is dependent upon. BJELLAND further discloses wherein said service 
is a general packet radio service (abstract; paragraph 14-16). 

Regarding claim 48, BJELLAND discloses an apparatus (abstract), comprising: 
extracting means for extracting from a received authentication message service 
selection information to select a service (Figure 2, 3; paragraph 14, 15; mobile terminal 
request attachment to a network and context activation. It is noted that a processor and 
computing means would be inherently necessary for data extraction and processing), 
controlling means for using said service selection information to establish a connection 
to services provided over an access point indicated by said service selection information 
(paragraph 15, 16; PDP context activation), wherein said service selection information 
comprises at least one access point name parameter (paragraph 16; APN indicating 
relevant GGSN), wherein said at least one access point parameter comprises an 
access point name (paragraph 16), and wherein said at least one access point name 
parameter is transmitted in said authentication message so that said access point name 
can be read by an access server (paragraph 16; DNS server used to read APN). 
However, BJELLAND does not expressly disclose wherein an access point parameter 
comprises a username and a password, and wherein the user name and password can 
only be decrypted at a network defined by the access point name. ADPA discloses 
wherein service selection information comprises at least one access point name 
parameter, wherein said at least one access point parameter comprises an access point 
name, a username and a password, and wherein said at least one access point name 
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parameter is transmitted in said authentication message so that said access point name 
can be read by an access server, and the user name and password can only be read at 
a network defined by the access point name (paragraph 6 of the background of the 
invention). Therefore it would have been obvious to a person of ordinary skill in the art 
at the time the Invention was made to modify BJELLAND to include the teachings of 
ADPA, since ADPA states that such techniques were known and standard in the art 
(according to 3GPP TS 23.060) and therefore could be used to provide standardized 
protocol techniques to the existing invention. However, the combination of BJELLAND 
and ADPA does not expressly disclose the encryption and decryption of transmitted 
data. ALBERT discloses encryption and decryption of transmitted data (paragraph 15- 
22, 64). Therefore it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to modify the combination of BJELLAND and ADPA to 
Include the teachings of ALBERT, since ALBERT states that such a modification would 
allow a system to Implement greater security measures when transmitting data (see 
paragraph 2, 64). Furthermore, the encryption and decryption of data along any two 
points of a network would increase data security between the two points. However, the 
combination of BJELLAND, ADPA, and ALBERT does not expressly disclose extracting, 
using a processor connected to a second network, from a received authentication 
message from a first network; selecting a gateway in the second network to connect to 
the first network, wherein the first and second networks are distinct (BJELLAND 
discloses a RADIUS server within the GGSN of the network). In the same field of 
endeavor, FORSLOW discloses extracting, using a processor connected to a second 
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network, from a received authentication message from a first network (paragraph 94, 
98); selecting a gateway in the second network to connect to the first network, wherein 
the first and second networks are distinct (paragraph 94, 98; authentication at the 
RADIUS server located within the ISP network and when authenticated, includes 
tunneling configuration information to the GGSN). Therefore it would have been 
obvious to a person of ordinary skill in the art at the time the invention was made to 
modify the combination of BJELLAND, ADPA, and ALBERT to include the teachings of 
FORSLOW, since such a modification provides authentication means from an external 
network that provides security access based on a known identification and/or password 
predefined at the external network (see paragraph 94). 

Regarding claim 49, BJELLAND discloses an apparatus (abstract), comprising: 
setting means for setting in an authentication message a service selection information 
regarding selection of a network service (paragraph 15, 16; POP context activation. It is 
noted that a processor and computing means would be inherently necessary for data 
extraction and processing), sending means for sending the authentication message 
(paragraph 15, 16; context activation), wherein said service selection information 
comprises at least one access point name parameter (paragraph 16; APN indicating 
relevant GGSN), wherein said at least one access point parameter comprises an 
access point name (paragraph 16), and wherein said at least one access point name 
parameter is transmitted in said authentication message so that said access point name 
can be read by an access server (paragraph 16; DNS server used to read APN). 
However, BJELLAND does not expressly disclose wherein an access point parameter 
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comprises a username and a password, and wlierein tine user name and password can 
only be decrypted at a networl< defined by tine access point name. ADPA discloses 
wherein service selection information comprises at least one access point name 
parameter, wherein said at least one access point parameter comprises an access point 
name, a username and a password, and wherein said at least one access point name 
parameter Is transmitted in said authentication message so that said access point name 
can be read by an access server, and the user name and password can only be read at 
a network defined by the access point name (paragraph 6 of the background of the 
invention). Therefore it would have been obvious to a person of ordinary skill in the art 
at the time the invention was made to modify BJELLAND to include the teachings of 
ADPA, since ADPA states that such techniques were known and standard in the art 
(according to 3GPP TS 23.060) and therefore could be used to provide standardized 
protocol techniques to the existing invention. However, the combination of BJELLAND 
and ADPA does not expressly disclose the encryption and decryption of transmitted 
data. ALBERT discloses encryption and decryption of transmitted data (paragraph 15- 
22, 64). Therefore it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to modify the combination of BJELLAND and ADPA to 
include the teachings of ALBERT, since ALBERT states that such a modification would 
allow a system to implement greater security measures when transmitting data (see 
paragraph 2, 64). Furthermore, the encryption and decryption of data along any two 
points of a network would increase data security between the two points. However, the 
combination of BJELLAND, ADPA, and ALBERT does not expressly disclose sending 
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the authentication message from via a first network to an authentication server coupled 
to a second network, wherein the first and second networks are distinct; and selecting a 
gateway in the second network to connect to the first network (BJELLAND discloses a 
RADIUS server within the GGSN of the network). In the same field of endeavor, 
FORSLOW discloses sending the authentication message from via a first network to an 
authentication server coupled to a second network, wherein the first and second 
networks are distinct; and selecting a gateway in the second network to connect to the 
first network (paragraph 94, 98; authentication at the RADIUS server located within the 
ISP network and when authenticated, includes tunneling configuration Information to the 
GGSN). Therefore it would have been obvious to a person of ordinary skill In the art at 
the time the invention was made to modify the combination of BJELLAND, ADPA, and 
ALBERT to include the teachings of FORSLOW, since such a modification provides 
authentication means from an external network that provides security access based on 
a known Identification and/or password predefined at the external network (see 
paragraph 94). 

4. Claims 6, 7, 14, 23, 24, 38, 44, and 45 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over BJELLAND et al (US 2002/0034935 A1) In view of the 
applicant's description of the prior art (hereinafter ADPA), ALBERT et al (US 
2003/0056096 Al), and FORSLOW (US 2003/0039237) and further in view of 
MCINTOSH et al (US 2003/0139180). 

Regarding claim 6, 24, 45 see the rejections of the parent claim concerning the 
subject matter this claim is dependent upon. Although the combination of BJELLAND, 
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ADPA, ALBERT, and FORSLOW discloses the use of extensible authentication (EAR), 
the combination of BJELLAND, ADPA, ALBERT, and FORSLOW does not expressly 
disclose wherein said extensible authentication protocol message is an extensible 
authentication protocol subscriber identity module or extensible authentication protocol 
authentication and key agreement message. In the same field of endeavor, 
MCINTOSH teaches wherein an extensible authentication protocol message is an 
extensible authentication protocol subscriber identity module or extensible 
authentication protocol authentication and key agreement message (paragraph 68, 71 , 
83, 92). Therefore it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to modify BJELLAND, ADPA, ALBERT, and 
FORSLOW to include the teachings of MCINTOSH, since such a modification would 
provide authentication means using a standardized protocol. Furthermore, the use of 
any known authentication means would have been an obvious design choice as any 
choice would provide secure network access. 

Regarding claim 7, 14, 23, 38, and 44 see the rejections of the parent claim 
concerning the subject matter this claim is dependent upon. Although the combination 
of BJELLAND, ADPA, ALBERT, and FORSLOW discloses the use of extensible 
authentication (EAP), the combination of BJELLAND, ADPA, ALBERT, and FORSLOW 
does not expressly disclose wherein said authentication message is an EAP Challenge 
Response message. In the same field of endeavor, MCINTOSH discloses wherein an 
authentication message is an EAP Challenge Response message (paragraph 68, 71 , 
83, 121, 147). Therefore it would have been obvious to a person of ordinary skill in the 
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art at the time the invention was made to modify BJELLAND, ADPA, ALBERT, and 
FORSLOW to include the teachings of MCINTOSH, since such a modification would 
provide authentication means using a standardized protocol. Furthermore, the use of 
any known authentication means would have been an obvious design choice as any 
choice would provide secure network access 

Conclusion 

5. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to ARIEL BALAOING whose telephone number is 
(571)272-7317. The examiner can normally be reached on Monday-Friday from 8:00 
AM to 4:30 PM. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, V. Paul Harper can be reached on (571 ) 272-7605. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

A/INCENT P. HARPER/ /Ariel Balaoing/ 

Supervisory Patent Examiner, Art Unit 2617 Examiner, Art Unit 2617 
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Examiner, Art Unit 2617 



